Rsa

• 1. Public Key Cryptographyand the RSA Algorithm Cryptography and Network Security by William Stallings Lecture slides by Lawrie Brown Edited by Dick Steflik

2. Private-Key Cryptography

• traditionalprivate/secret/single keycryptography usesonekey

• Key is shared by both sender and receiver

• if the key is disclosed communications are compromised

• also known assymmetric , both parties are equal

• • hence does not protect sender from receiver forging a message & claiming is sent by sender

3. Public-Key Cryptography

• probably most significant advance in the 3000 year history of cryptography

• usestwokeys a public key and a private key

• asymmetricsince parties arenotequal

• uses clever application of number theory concepts to function

• complementsrather thanreplaces private key cryptography

4. Public-Key Cryptography

• public-key/two-key/asymmetriccryptography involves the use oftwokeys:

• • apublic-key , which may be known by anybody, and can be used toencrypt messages , andverify signatures

• • aprivate-key , known only to the recipient, used todecrypt messages , andsign(create)signatures

• isasymmetricbecause

• • those who encrypt messages or verify signaturescannotdecrypt messages or create signatures

5. Public-Key Cryptography 6. Why Public-Key Cryptography?

• developed to address two key issues:

• • key distribution how to have secure communications in general without having to trust a KDC with your key

• • digital signatures how to verify a message comes intact from the claimed sender

• public invention due to Whitfield Diffie & Martin Hellman at Stanford U. in 1976

• • known earlier in classified community

7. Public-Key Characteristics

• Public-Key algorithms rely on two keys with the characteristics that it is:

• • computationally infeasible to find decryption key knowing only algorithm & encryption key

• • computationally easy to en/decrypt messages when the relevant (en/decrypt) key is known

• • either of the two related keys can be used for encryption, with the other used for decryption (in some schemes)

8. Public-Key Cryptosystems 9. Public-Key Applications

• can classify uses into 3 categories:

• • encryption/decryption(provide secrecy)

• • digital signatures(provide authentication)

• • key exchange(of session keys)

• some algorithms are suitable for all uses, others are specific to one

10. Security of Public Key Schemes

• like private key schemes brute forceexhaustive searchattack is always theoretically possible

• but keys used are too large (>512bits)

• security relies on alarge enoughdifference in difficulty betweeneasy(en/decrypt) andhard(cryptanalyse) problems

• more generally thehardproblem is known, its just made too hard to do in practise

• requires the use ofvery large numbers

• hence isslowcompared to private key schemes

11. RSA

• by Rivest, Shamir & Adlemanof MIT in 1977

• best known & widely used public-key scheme

• based on exponentiation in a finite (Galois) field over integers modulo a prime

• • nb. exponentiation takes O((log n) 3 ) operations (easy)

• uses large integers (eg. 1024 bits)

• security due to cost of factoring large numbers

• • nb. factorization takes O(elog n log log n ) operations (hard)

12. RSA Key Setup

• each user generates a public/private key pair by:

• selecting two large primes at random -p, q

• computing their system modulusN=p.q

• • note(N)=(p-1)(q-1)

• selecting at random the encryption keye

• • • where 1< e